package com.card.manager.controller;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;

import com.card.manager.services.UserService;
import com.card.manager.utils.Md5PwdEncoder;


@Controller
public class LoginController {
	
	@Autowired(required=true)
	private UserService userService;
	
	@RequestMapping(value="/user/relogin")
	public ModelAndView relogin(@RequestParam String error,HttpServletRequest request) {
		if(null!=error && "1".equals(error)){
			System.out.println("--------------------------验证失败，重新登录中.......");
		}
		SecurityContext sc = (SecurityContext)request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
		sc.setAuthentication(null);
		request.getSession().removeAttribute("SPRING_SECURITY_CONTEXT");
		return new ModelAndView("../index","error","用户名和密码有误，请确认后重新登录");
	}

	@RequestMapping(value="/user/login",method=RequestMethod.GET)
	public String login() {
		return "../index";
	}
	
	
	@RequestMapping(value="/user/denied",method=RequestMethod.GET)
	public String denied(){
		return "/common/denied";
	}
	
	@RequestMapping(value="/user/timedout",method=RequestMethod.GET)
	public ModelAndView timedout(){	
		return new ModelAndView("../index","error","页面超时，请重新登录");
	}
	
	@RequestMapping("/user/logout")
	public void logout(HttpServletRequest request,HttpServletResponse response) throws IOException {
		SecurityContext sc = (SecurityContext)request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
		if(sc != null)
			sc.setAuthentication(null);
		request.getSession().removeAttribute("SPRING_SECURITY_CONTEXT");
		request.getSession().invalidate();
		response.getOutputStream().print("<script>top.opener=null;top.close();</script>");
//		return "logout";
	}
	
	@RequestMapping(value="/user/changePasswordPopWindow",method=RequestMethod.GET)
	public String changePassword(){
		return "changePasswordPopWindow";
	}
	@RequestMapping(value="/user/changePassword")
	@ResponseBody
	public Map<String, Object> changePassword(HttpServletRequest request){
		SecurityContext sc = (SecurityContext)request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
		String username = sc.getAuthentication().getName();
		String opass = request.getParameter("opass");
		String npass = request.getParameter("npass");
		int result = userService.updatePassword(username, Md5PwdEncoder.encodePassword(opass), Md5PwdEncoder.encodePassword(npass));
		Map<String,Object> map = new HashMap<String,Object>();
		if(result == 1){
			map.put("result", "succ");
		}else{
			map.put("result", "fail");
		}
		return map;
	}
	@RequestMapping(value="/user/reLogin")
	public ModelAndView reLogin(HttpServletRequest request) {
		SecurityContext sc = (SecurityContext)request.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
		if(sc != null)
			sc.setAuthentication(null);
		request.getSession().removeAttribute("SPRING_SECURITY_CONTEXT");
		return new ModelAndView("../index","error","用户名和密码有误，请确认后重新登录");
	}
	public static void main(String[] args){
		System.out.println(Md5PwdEncoder.encodePassword("111111"));
	}
}